$_ALLOW_ORIGIN = array(
'http://localhost:8080',
'http://udomain.zz',
);
$_ORIGIN = isset($_SERVER['HTTP_ORIGIN'])? $_SERVER['HTTP_ORIGIN'] : '';
if(in_array($_ORIGIN, $_ALLOW_ORIGIN)){
header('Access-Control-Allow-Origin:'.$_ORIGIN);
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS, post, get');
header("Access-Control-Max-Age", "3600");
header("Access-Control-Allow-Headers: *");
header("Access-Control-Allow-Credentials", "true");
}